Privacy Commissioner finds Australia more confident in reporting breaches to police

The Office of the Australian Information Commissioner has found that only a handful of surveyed respondents would actively report the misuse of information to a state or federal Privacy Commissioner.
Written by Asha Barbaschow, Contributor

A report from the Office of the Australian Information Commissioner (OAIC) has revealed that only 53 percent of people it surveyed were able to nominate an organisation to report the misuse of their information to.

The OAIC said that when asked, only 47 percent admitted awareness of a Privacy Commissioner -- either federal or state level -- but a mere 7 percent said they would report misuse of information to a Privacy Commissioner.

Rather, 12 percent would prefer to report such acts to the police, and 9 percent would rather directly contact the organisation involved.

The 2017 Australian Community Attitudes to Privacy Survey (ACAPS) found that Australians have awarded the highest level of trust to health service providers, followed by financial institutions, and then both state and federal government departments.

Of the 1,800 Australians surveyed, 16 percent said they would avoid dealing with a government agency because of privacy concerns, while 58 percent would avoid dealing with a private company for the same reasons.

A number of questions revealed that while 46 percent of respondents are comfortable with government agencies using their personal details for research or policy-making purposes, 40 percent are not comfortable, with the balance still unsure.

The report [PDF] found that 34 percent of those questioned were comfortable with the government sharing their personal information with other government agencies, while only 10 percent are comfortable with businesses sharing their information with other organisations.

In regards to trading personal information for rewards and benefits, 33 percent said they would, with 32 percent of total respondents similarly saying they would trade personal information for better customer service.

20 percent would do so for the chance to win a prize, the report said.

On the topic of misuse of information, those surveyed considered examples to be an organisation that a person has not dealt with before obtaining their personal information; personal information being revealed to other customers; and personal information being used for a purpose other than the one it was provided for.

28 percent of respondents said they had a problem with the way their information had been handled in the previous year, but only 37 percent knew they could request access to their personal information held by government entities.

Handing over financial details was flagged by 42 percent of respondents as the information they are most reluctant to provide, followed by addresses, with 24 percent of respondents concerned with someone knowing where they live as their first worry and 11 percent confirming they have previously been a victim of identity fraud or theft.

The ACAPS study has been conducted in various forms since 1990, shifting in 1988 to cover the private sector in unison with the extension of the Privacy Act. The survey was broadened to its current scope in 2001, and this year, the survey was completed using two starting samples giving 800 fixed-line/mobile telephone interviews and 1,000 online panel interviews. Previous studies were conducted entirely by telephone.

The 2017 ACAPS report covered areas such as: Federal privacy laws and community understanding of their coverage; understanding of the risks inherent in giving personal identified information to government and business; attitudes towards business and government's personal information data handling practices; the trade-off between convenience, reward, and giving personal information; the prevalence of problems and how to deal with them; personal data and new technology; and identity fraud and theft.

"The privacy landscape has evolved, community expectations have followed, and now our responses need to move to the next iteration," Australian Information and Privacy Commissioner Timothy Pilgrim said in his opening remarks.

The report also found that 32 percent of respondents believe the biggest privacy risk facing the community is online services such as social media, with 25 percent of those surveyed saying they regret the information they have broadcast on such platforms.

Similarly, the OAIC said only 21 percent of respondents felt comfortable with targeted advertising based on their online activities, and 17 percent felt comfortable with social networking sites -- such as Facebook and Instagram -- keeping databases of information on their online actions.

However, when it comes to protecting their personal information, things haven't changed much since the 2013 ACAPS report: 61 percent of respondents admitted they do not regularly read online privacy policies; 50 percent do not regularly shred documents; 50 percent do not clear their browsing history; and 43 percent have not adjusted their privacy settings on social media sites.

From February 22, 2018, Australian businesses will be required to report data breaches to the OAIC and to the people whose data has been lost or released inappropriately.

The Privacy Amendment (Notifiable Data Breaches) Act will apply to all businesses, government agencies, and organisations covered by the Privacy Act.

Editorial standards